|
|
|
|
|
|
| Third Semi-Annual Web Application Attack Report from Imperva Finds Web Applications Under Attack One Third of the Time; SQL Injection Remains Most Popular Vector |
Redwood Shores, CA, Aug 7, 2012 - (ACN Newswire) - Imperva, Inc. (NYSE: IMPV), a pioneer and leader of a new category of data security solutions for high-value business data in the data center, released today the results of the third Imperva Web Application Attack Report (WAAR), which reveals that the median annual attack incidents on the 50 Web applications observed was 274 times a year, with one target experiencing more than 2,700 attack incidents.
According to the report, the average attack incident for the observed Web applications lasted seven minutes and 42 seconds, but the longest attack incident lasted an hour and 19 minutes. SQL Injection remains the most popular attack vector.
"These findings indicate a significant difference between an average Web application attack incident and the upper limit," said Amichai Shulman, CTO, Imperva. "We believe that organizations that are only prepared for an average attack incident may be overwhelmed by larger attack incidents, like a flood bursting through a levy."
The WAAR, created as part of Imperva's ongoing Hacker Intelligence Initiative, offers insight into actual malicious attack traffic of 50 Web applications over a period of six months, December 2011 through May 2012. Imperva monitored and categorized numerous individual attacks across the Internet, as well as attacks targeting different enterprise and government Web applications. The WAAR outlines the frequency, type, and geography of origin of each attack to help security professionals prioritize vulnerability remediation.
Highlights from the report include:
- SQL injection remains most common attack vector: Imperva reviews and summarizes the cumulative characteristics of Web application attack vectors, including SQL injection, cross-site scripting (XSS), RFI and LFI, and observes that SQL injection is the most commonly used attack for the 50 observed Web applications.
- Intensity of attacks increasing: Applications will typically see only some serious attack action roughly every third day, for a few minutes, but the attacks may overwhelm the application if the defenses are prepared for only the average intensity of attack.
- France leads SQL injection: As reported in the previous WAAR report, the majority of requests and attackers originate in the USA, western European countries, China and Brazil. However, France has emerged as the leading source of SQL injection attacks, with the attack volume of requested originating from France almost four times greater than that of the United States.
"The cyber battlefield looks a lot more like a border keeping mission than total war - most of the time very little happens, but every once in a while there's an outbreak of attacks," said Shulman. "Regardless of the frequency of attacks and peaceful periods, we believe organizations need to be prepared for these bursts of activity during attack incidents."
For a full copy of the Web Application Attack Report, visit http://www.imperva.com/download.asp?id=29.
To sign up for a webinar detailing the report, visit https://imperva.webex.com/imperva/onstage/g.php?d=796741175&t=a&SourceID=016.
About Imperva
Imperva is a pioneer and leader of a new category of data security solutions for high-value business data in the data center. With more than 1,800 end-user customers and thousands of organizations protected through cloud-based deployments, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere identifies and secures high-value data across file systems, web applications and databases. For more information, visit www.imperva.com, follow us on Twitter or visit our blog. We're hiring! Help us protect the world's data: http://www.imperva.com/go/jobs.
Media Contact:
Fitzgerald Barth
1-415-432-2457
fitzgerald.barth@lewispulse.com
Forward Looking Statements
This news release contains forward-looking statements, including without limitation those regarding Imperva's belief that organizations that are only prepared for an average attack incident may be overwhelmed by larger attack incidents and Imperva's belief that organizations need to be prepared for attack incidents. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations. You should consider important risk factors, which include: the risk that our products are not adopted at levels that we anticipate; the risk that competitors may be perceived by customers to be better positioned to help handle Web application attacks; and other risks detailed under the caption "Risk Factors" in Imperva's Form 10-Q filed with the Securities and Exchange Commission, or the SEC, on May 11, 2012 and Imperva's other SEC filings. You can obtain copies of Imperva's SEC filings on the SEC's website at www.sec.gov. We undertake no obligation to update any of the forward-looking statements contained herein after the date of this release, whether as a result of new information, future events or otherwise.
(C) 2012 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and SecureSphere are registered trademarks of Imperva, Inc.
This announcement is distributed by Thomson Reuters on behalf of Thomson Reuters clients.
The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and other applicable laws; and
(ii) they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Imperva Inc. via Thomson Reuters ONE
Topic: New Security Issue
Source: Imperva Inc.
Sectors: Daily Finance, IT Individual
http://www.acnnewswire.com
From the Asia Corporate News Network
Copyright © 2024 ACN Newswire. All rights reserved. A division of Asia Corporate News Network.
|
|
|
|
|
|
|
| Imperva Inc. |
| July 3, 2014 07:05 HKT/SGT |
|
Imperva Named Web Application Firewall Vendor of the Year at 2014 Frost & Sullivan Asia Pacific ICT Awards |
| Jan 29, 2013 16:05 HKT/SGT |
|
Imperva Report Examines Dangers of Third-Party Code for Cloud Security |
| Dec 21, 2012 07:10 HKT/SGT |
|
Imperva Issues 2013 Cyber Security Predictions |
| Dec 5, 2012 13:05 HKT/SGT |
|
Imperva Reports Antivirus Solutions Woefully Inadequate |
| Nov 19, 2012 18:00 HKT/SGT |
|
Imperva Ranked 235th Fastest Growing Company in North America on Deloitte's 2012 Technology Fast 500(TM) |
| Nov 14, 2012 13:40 HKT/SGT |
|
Imperva and Acunetix Partner to Virtually Patch Web Vulnerabilities |
| Oct 30, 2012 20:15 HKT/SGT |
|
Increased Hacker Interest in SQL Injection Attacks |
| Oct 25, 2012 07:25 HKT/SGT |
|
Mitigate Insider Threats With A Measured Approach To Security |
| Sept 26, 2012 20:15 HKT/SGT |
|
Imperva SecureSphere WAF to be hosted on the Cisco Nexus 1110/1010 Virtual Services Appliances to Improve Web Application Security |
| Sept 25, 2012 08:05 HKT/SGT |
|
Imperva Earns Government Technology Research Alliance Insider Threat Roundtable Award |
| More news >> |
 |
|
|
|
